/*******************************************************************************
 * Copyright 2017 Graz University of Technology
 * EAAF-Core Components has been developed in a cooperation between EGIZ,
 * A-SIT+, A-SIT, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * https://joinup.ec.europa.eu/news/understanding-eupl-v12
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 *******************************************************************************/
package at.gv.egiz.eaaf.core.api.idp.auth;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.api.idp.slo.ISLOInformationContainer;
import at.gv.egiz.eaaf.core.exceptions.EAAFException;

/**
 * Contract for the component that starts authentication processes for pending
 * requests and closes authenticated sessions on the IDP side.
 */
public interface IAuthenticationManager {

    // TODO
    // Interface fields are implicitly public, static and final, so the
    // modifiers are omitted. All four codes currently share the value -1.
    // NOTE(review): presumably these are event codes for logging; while they
    // are identical, the four events cannot be told apart by code - confirm
    // before relying on them in audit trails.
    int EVENT_AUTHENTICATION_PROCESS_FOR_SP = -1;
    int EVENT_AUTHENTICATION_PROCESS_STARTED = -1;
    int EVENT_AUTHENTICATION_PROCESS_FINISHED = -1;
    int EVENT_AUTHENTICATION_PROCESS_ERROR = -1;

    /**
     * Adds a request parameter name to the whitelist. Every parameter on the
     * whitelist is added into the {@link ExecutionContext}.
     *
     * <p>Request parameters are supplied by the client, so a value that reaches
     * the {@link ExecutionContext} through this whitelist is still untrusted
     * input and should be validated by whatever reads it.
     *
     * @param httpReqParam http parameter name, but never null
     */
    void addParameterNameToWhiteList(String httpReqParam);

    /**
     * Adds a request header name to the whitelist. Every header on the
     * whitelist is added into the {@link ExecutionContext}.
     *
     * <p>Request headers are supplied by the client, so a value that reaches
     * the {@link ExecutionContext} through this whitelist is still untrusted
     * input and should be validated by whatever reads it.
     *
     * <p>NOTE(review): this contract does not say whether header names are
     * compared case-insensitively - confirm in the implementation.
     *
     * @param httpReqParam http header name, but never null
     */
    void addHeaderNameToWhiteList(String httpReqParam);

    /**
     * Starts an authentication process for a specific pending request.
     *
     * @param httpReq http servlet request
     * @param httpResp http servlet response
     * @param pendingReq pending request for which an authentication is required
     * @return {@code true} if the pending request is already authenticated,
     *         otherwise {@code false}
     * @throws EAAFException declared by the contract; the failure conditions
     *         are not specified here
     */
    boolean doAuthentication(
            HttpServletRequest httpReq,
            HttpServletResponse httpResp,
            IRequest pendingReq) throws EAAFException;

    /**
     * Closes an active authenticated session on IDP side.
     *
     * <p>NOTE(review): the method returns nothing and declares no checked
     * exception, so the signature alone does not tell a caller whether the
     * session was actually closed - confirm how implementations report a
     * failed logout.
     *
     * @param request http servlet request
     * @param response http servlet response
     * @param pendingReq pending request for which an authentication session
     *        should be closed
     */
    void performOnlyIDPLogOut(
            HttpServletRequest request,
            HttpServletResponse response,
            IRequest pendingReq);

    /**
     * Closes an active authenticated session on IDP side and returns the
     * authenticated service providers.
     *
     * @param httpReq http servlet request
     * @param httpResp http servlet response
     * @param pendingReq pending request for which an authentication session
     *        should be closed
     * @param internalSSOId internal SSO session identifier
     * @return a container that contains all active SP sessions
     * @throws EAAFException declared by the contract; the failure conditions
     *         are not specified here
     */
    ISLOInformationContainer performSingleLogOut(
            HttpServletRequest httpReq,
            HttpServletResponse httpResp,
            IRequest pendingReq,
            String internalSSOId) throws EAAFException;
}